Review

Identity management standards: A literature review

Year 2023, Volume: 3 Issue: 1, 35 - 46, 30.06.2023

Abstract

Electronic identification (eID) and Identity Management (IDM) in the context of information systems are considered of crucial importance for citizen data safety, since they can authorize the proper stakeholders to access sensitive data. The plethora of information systems' users and devices, the need for increased data confidentiality and integrity, and the requirement for proper data exchange over short-range and long-range data exchange protocols and networks all increase the overall necessity for proper IDM mechanisms and techniques. Nevertheless, it needs to be recognized that IDM mechanisms are not only security tools that improve technical skill sets, but also lead the way towards the opportunities that emerge. This manuscript provides an overview of state-of-the-art IDM standards and regulations towards interoperable eID, namely SAML, WS-Federation, OAuth, OpenID, FIDO, and Mobile Connect, including their latest versions. It considers different architectural components and scenarios, covering aspects of multiple domains that can be applied across several networking and communication systems.

Supporting Institution

European Union ; European Union and Greek national funds through the Operational Program Competitiveness, Entrepreneurship and Innovation under the call RESEARCH-CREATE-INNOVATE

Project Number

870675; BeHEALTHIER-T2EDK-04207

There are 29 references in total.

Details

Primary Language English
Subjects Computer Software
Section Review Articles
Authors

Athanasios Kiourtis 0000-0002-1681-3626

Thanassis Giannetsos 0000-0003-0663-2263

Sofia-anna Menesidou 0000-0003-2446-5470

Argyro Mavrogiorgou 0000-0002-1543-5627

Chrysostomos Symvoulidis 0000-0001-8077-1961

Alessio Graziani 0000-0002-3127-4456

Spyridon Kleftakis 0000-0002-6237-488X

Konstantinos Mavrogiorgos 0000-0002-2917-8369

Nikolaos Zafeiropoulos 0000-0002-8682-3774

Christos-alexandros Gkolias 0000-0003-4563-6128

Dimosthenis Kyriazis 0000-0001-7019-7214

Project Number 870675; BeHEALTHIER-T2EDK-04207
Publication Date June 30, 2023
Acceptance Date March 19, 2023
Published in Issue Year 2023 Volume: 3 Issue: 1

Cite

Vancouver Kiourtis A, Giannetsos T, Menesidou S-a, Mavrogiorgou A, Symvoulidis C, Graziani A, Kleftakis S, Mavrogiorgos K, Zafeiropoulos N, Gkolias C-a, Kyriazis D. Identity management standards: A literature review. Computers and Informatics. 2023;3(1):35-46.